<?php
session_start();
if (is_file('config.php')) require_once 'config.php'; else header('Location: install.php');
function db(): PDO {
    static $pdo; if (!$pdo) {
        $dsn = "mysql:host=$GLOBALS[DB_HOST];dbname=$GLOBALS[DB_NAME];charset=$GLOBALS[DB_CHAR]";
        $pdo = new PDO($dsn, $GLOBALS['DB_USER'], $GLOBALS['DB_PASS'], [PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION]);
    } return $pdo;
}
if ($_POST) {
    $stmt = db()->prepare('SELECT * FROM admin WHERE username = ?');
    $stmt->execute([$_POST['user']]);
    $u = $stmt->fetch();
    if ($u && password_verify($_POST['pass'], $u['password'])) {
        $_SESSION['uid'] = $u['id']; header('Location: index.php'); exit;
    } $error = '账号或密码错误';
}
?>
<!doctype html>
<html lang="zh-CN">
<head>
  <meta charset="utf-8">
  <title>登录 - 仓库管理系统 V 0.1</title>
  <meta name="viewport" content="width=device-width,initial-scale=1">
  <link rel="stylesheet" href="bootstrap.min.css">
</head>
<body class="bg-light">
<div class="container py-5" style="max-width:380px">
  <h4 class="text-center mb-4">仓库管理系统 V 1.0</h4>
  <?php if (!empty($error)): ?>
    <div class="alert alert-danger"><?= $error ?></div>
  <?php endif; ?>
  <form method="post" class="card card-body shadow">
    <input class="form-control mb-3" name="user" placeholder="用户名" required autofocus>
    <input class="form-control mb-3" name="pass" type="password" placeholder="密码" required>
    <button class="btn btn-primary w-100">登录</button>
  </form>
</div>
<script src="bootstrap.bundle.min.js"></script>
</body>
</html>